FindBugs缺陷类型统计分析(部分)
FindBugs缺陷类型统计分析(部分)目录
1 正确性警告(CORRECTNESS WARNINGS ) 4
1.1 AM: CREATES AN EMPTY JAR FILE ENTRY 4
1.2 AM: CREATES AN EMPTY ZIP FILE ENTRY 4
1.3 BC: IMPOSSIBLE CAST 4
1.4 BC: INSTANCEOF WILL ALWAYS RETURN FALSE 5
1.5 BIT: INCOMPATIBLE BIT MASKS 5
1.6 BIT: INCOMPATIBLE BIT MASKS 6
1.7 BIT: INCOMPATIBLE BIT MASKS 6
1.8 BIT: BITWISE OR OF SIGNED BYTE VALUE 7
1.9 BOA: CLASS OVERRIDES A METHOD IMPLEMENTED IN SUPER CLASS ADAPTER WRONGLY 8
1.10 CN: CLASS IMPLEMENTS CLONEABLE BUT DOES NOT DEFINE OR USE CLONE METHOD 8
1.11 CN: CLONE METHOD DOES NOT CALL SUPER.CLONE() 8
1.12 CO: ABSTRACT CLASS DEFINES COVARIANT COMPARETO() METHOD 9
1.13 CO: COVARIANT COMPARETO() METHOD DEFINED 10
1.14 DE: METHOD MIGHT DROP EXCEPTION 10
1.15 DE: METHOD MIGHT IGNORE EXCEPTION 11
1.16 DLS: OVERWRITTEN INCREMENT 11
1.17 NP: POSSIBLE NULL POINTER DEREFERENCE DUE TO RETURN VALUE OF CALLED METHOD 12
1.18 NP: METHOD CALL PASSES NULL FOR UNCONDITIONALLY DEREFERENCED PARAMETER 12
1.19 NP: METHOD CALL PASSES NULL FOR UNCONDITIONALLY DEREFERENCED PARAMETER 13
1.20 NP: NON-VIRTUAL METHOD CALL PASSES NULL FOR UNCONDITIONALLY DEREFERENCED PARAMETER 13
1.21 NP: STORE OF NULL VALUE INTO FIELD ANNOTATED NONNULL 13
1.22 NP: READ OF UNWRITTEN FIELD 13
1.23 NS: QUESTIONABLE USE OF NON-SHORT-CIRCUIT LOGIC 14
1.24 NM: CLASS DEFINES EQUAL(); SHOULD IT BE EQUALS()? 14
1.25 NM: CONFUSING METHOD NAMES 14
1.26 NM: CLASS DEFINES HASHCODE(); SHOULD IT BE HASHCODE()? 15
1.27 NM: CLASS DEFINES TOSTRING(); SHOULD IT BE TOSTRING()? 15
1.28 NM: APPARENT METHOD/CONSTRUCTOR CONFUSION 15
1.29 NM: VERY CONFUSING METHOD NAMES 16
1.30 ODR: METHOD MAY FAIL TO CLOSE DATABASE RESOURCE 16
1.31 ODR: METHOD MAY FAIL TO CLOSE DATABASE RESOURCE ON EXCEPTION 17
1.32 OS: METHOD MAY FAIL TO CLOSE STREAM 18
1.33 OS: METHOD MAY FAIL TO CLOSE STREAM ON EXCEPTION 18
1.34 QBA: METHOD ASSIGNS BOOLEAN LITERAL IN BOOLEAN EXPRESSION 19
1.35 QF: COMPLICATED, SUBTLE OR WRONG INCREMENT IN FOR-LOOP 19
1.36 RC: SUSPICIOUS REFERENCE COMPARISON 20
1.37 RCN: REDUNDANT COMPARISON OF NON-NULL VALUE TO NULL 20
1.38 RCN: REDUNDANT COMPARISON OF TWO NULL VALUES 21
1.39 RCN: REDUNDANT NULLCHECK OF VALUE KNOWN TO BE NON-NULL 21
1.40 RCN: REDUNDANT NULLCHECK OF VALUE KNOWN TO BE NULL 21
1.41 RCN: NULLCHECK OF VALUE PREVIOUSLY DEREFERENCED 21
1.42 RE: INVALID SYNTAX FOR REGULAR EXPRESSION 22
1.43 RE: "." USED FOR REGULAR EXPRESSION 22
1.44 RR: METHOD IGNORES RESULTS OF INPUTSTREAM.READ() 22
1.45 RR: METHOD IGNORES RESULTS OF INPUTSTREAM.SKIP() 23
1.46 RV: RANDOM VALUE FROM 0 TO 1 IS COERCED TO THE INTEGER 0 23
1.47 RV: METHOD CHECKS TO SEE IF RESULT OF STRING.INDEXOF IS POSITIVE 23
1.48 RV: METHOD DISCARDS RESULT OF READLINE AFTER CHECKING IF IT IS NONNULL 23
1.49 RV: REMAINDER OF 32-BIT SIGNED RANDOM INTEGER 24
1.50 RV: METHOD IGNORES RETURN VALUE 24
1.51 SA: SELF ASSIGNMENT OF FIELD 24
2 国际化警告(INTERNATIONALIZATION WARNINGS ) 24
2.1 DM: METHOD INVOKES DUBIOUS STRING.TOUPPERCASE() OR STRING.TOLOWERCASE; USE THE LOCALE PARAMETERIZED VERSION INSTEAD 25
3 多线程正确性警告(MULTITHREADED CORRECTNESS WARNINGS ) 25
3.1 RU: INVOKES RUN ON A THREAD (DID YOU MEAN TO START IT INSTEAD?) 25
3.2 SC: CONSTRUCTOR INVOKES THREAD.START() 25
3.3 SP: METHOD SPINS ON FIELD 26
3.4 SWL: METHOD CALLS THREAD.SLEEP() WITH A LOCK HELD 26
3.5 TLW: WAIT WITH TWO LOCKS HELD 26
3.6 UG: UNSYNCHRONIZED GET METHOD, SYNCHRONIZED SET METHOD 27
3.7 UL: METHOD DOES NOT RELEASE LOCK ON ALL PATHS 27
3.8 UL: METHOD DOES NOT RELEASE LOCK ON ALL EXCEPTION PATHS 28
3.9 UW: UNCONDITIONAL WAIT IN METHOD 28
3.10 VO: A VOLATILE REFERENCE TO AN ARRAY DOESN'T TREAT THE ARRAY ELEMENTS AS VOLATILE 28
3.11 WS: CLASS'S WRITEOBJECT() METHOD IS SYNCHRONIZED BUT NOTHING ELSE IS 29
3.12 WA: CONDITION.AWAIT() NOT IN LOOP IN METHOD 29
3.13 WA: WAIT NOT IN LOOP IN METHOD 29
4 安全脆弱代码警告(MALICIOUS CODE VULNERABILITY WARNINGS ) 30
4.1 EI: METHOD MAY EXPOSE INTERNAL REPRESENTATION BY RETURNING REFERENCE TO MUTABLE OBJECT 30
4.2 EI2: METHOD MAY EXPOSE INTERNAL REPRESENTATION BY INCORPORATING REFERENCE TO MUTABLE OBJECT 30
5 性能问题(PERFORMANCE WARNINGS) 30
5.1 DM: METHOD INVOKES DUBIOUS BOOLEAN CONSTRUCTOR; USE BOOLEAN.VALUEOF(...) INSTEAD 30
6 不提倡的风格(STYLE WARNINGS) 31
6.1 BC: QUESTIONABLE CAST TO ABSTRACT 31
1 正确性警告(Correctness Warnings )
1.1 AM: Creates an empty jar file entry
项目
内容
BugID
AM_CREATES_EMPTY_JAR_FILE_ENTRY
错误范式
ZipEntry zipEntry=newZipEntry(fileTo);
zipOutputStream.putNextEntry(zipEntry);
zipOutputStream.closeEntry();
正确范式
ZipEntry zipEntry=newZipEntry(fileTo);
zipOutputStream.putNextEntry(zipEntry);
// do something
FileInputStreamfileInputStream=new FileInputStream(file);
while((n=fileInputStream.read(rgb))>-1)
{
zipOutputStream.write(rgb,0,n);
}
fileInputStream.close();
// do end
zipOutputStream.closeEntry();
zipOutputStream.close();
描述
创建了一个空的Jar文件
详细
创建了一个空的Jar文件,在调用putNextEntry()和closeEntry()之间,没有做任何写入操作。
重要级别
1.2 AM: Creates an empty zip file entry
项目
内容
BugID
AM_CREATES_EMPTY_ZIP_FILE_ENTRY
错误范式
同上
正确范式
同上
描述
同上
详细
同上
重要级别
1.3 BC: Impossible cast
项目
内容
BugID
BC_IMPOSSIBLE_CAST
错误范式
Object obj = new Object();
Vector list = (Vector)obj;
正确范式
描述
必然会导致类型转换异常(ClassCastException)的表达式
详细
导致该错误的几种情况:
<!-- -->1. <!-- -->无公共基类类型进行显示类型转换
<!-- -->2. <!-- -->纯基类型向派生类显示类型转换
<!-- -->3. <!-- -->继承链中非公共节点间进行显示类型转换
重要级别
1.4 BC: instanceof will always return false
项目
内容
BugID
BC_IMPOSSIBLE_INSTANCEOF
错误范式
public boolean isBusy()
{
return false;
}
正确范式
描述
某个方法始终返回false
详细
如果有方法始终返回false,那么就要考虑到是不是编码的时候有所遗漏或者会导致逻辑错误,需要谨慎对待。
重要级别
1.5 BIT: Incompatible bit masks
项目
内容
BugID
BIT_AND
错误范式
public static final intM_SHOW_WINDOW = 0x01;
public static final intM_WINDOW_VISIBLE = 0x11;
public booleanisVisible(int mask)
{
if ((mask & M_SHOW_WINDOW) == M_WINDOW_VISIBLE)
{
return true;
}
else
{
return false;
}
}
正确范式
public static final intM_SHOW_WINDOW = 0x01;
public static final intM_WINDOW_VISIBLE = 0x11;
public booleanisVisible(int mask)
{
if ((mask & M_SHOW_WINDOW) == M_SHOW_WINDOW)
{
return true;
}
else
{
return false;
}
}
描述
不起作用的掩码
详细
当掩码值设置不合理或判断方式错误时会导致掩码值无论为什么都无法满足程序分支遍历要求,可能是设计或编码问题导致,请确认程序逻辑是否正确。
双目“&”运算符表达式中包含常量,则这个表达式的值必然小于等于这个常量,如果比较的值为一个大于该常量的另一个常量,则该条件永远不会满足。
重要级别
1.6 BIT: Incompatible bit masks
项目
内容
BugID
BIT_AND_ZZ
错误范式
public static final intM_SHOW_WINDOW = 0x0;
public booleanisVisible(int mask)
{
if ((mask & M_SHOW_WINDOW) == M_WINDOW_VISIBLE)
{
return true;
}
else
{
return false;
}
}
正确范式
public static final intM_SHOW_WINDOW = 0x01;
public booleanisVisible(int mask)
{
if ((mask & M_SHOW_WINDOW) == M_WINDOW_VISIBLE)
{
return true;
}
else
{
return false;
}
}
描述
不起作用的掩码
详细
当掩码值设置不合理或判断方式错误时会导致掩码值无论为什么都无法满足程序分支遍历要求,可能是设计或编码问题导致,请确认程序逻辑是否正确。
0不能作为功能掩码,否则表达式(mask & 0) ==0)始终为真,功能掩码失效。
重要级别
1.7 BIT: Incompatible bit masks
项目
内容
BugID
BIT_IOR
错误范式
public static final intM_SHOW_WINDOW = 0x11;
public static final intM_WINDOW_VISIBLE = 0x01;
public booleanisVisible(int mask)
{
if ((mask | M_SHOW_WINDOW) == M_WINDOW_VISIBLE)
{
return true;
}
else
{
return false;
}
}
正确范式
public static final intM_SHOW_WINDOW = 0x01;
public static final intM_WINDOW_VISIBLE = 0x11;
public boolean isVisible(intmask)
{
if ((mask | M_SHOW_WINDOW) == M_WINDOW_VISIBLE)
{
return true;
}
else
{
return false;
}
}
描述
不起作用的掩码
详细
当掩码值设置不合理或判断方式错误时会导致掩码值无论为什么都无法满足程序分支遍历要求,可能是设计或编码问题导致,请确认程序逻辑是否正确。
双目“|”运算符表达式中包含常量,则这个表达式的值必然大于等于这个常量,如果比较的值为一个小于该常量的另一个常量,则该条件永远不会满足。
重要级别
页:
[1]